Cisco chief John Chambers has written to Barack Obama asking the US president to help restore trust in US tech firms after revelations the government tampers with equipment en route to offshore customers.

Chambers said the allegations could undermine confidence in the entire US technology sector and would be an impossible environment for the company to succeed in.

“[I]f hese allegations are true, these actions will undermine confidence in our industry and in the ability of the technology companies to deliver products globally,” wrote Chambers.

“This confidence is eroded by revelations of governments’ surveillance, government demands that make it difficult for companies to meet the privacy expectations of citizens and laws of other countries, and allegations that governments exploit rather than report security vulnerabilities,” he wrote.

Chambers urged Obama to consider “new rules of the road” to ensure the US' technological leadership was not “impaired”.

Cisco’s specific requests were conveyed in a blog post published last week by Cisco’s general counsel, Mark Chandler, who outlined the company’s wish that agencies require a court’s permission to keep a zero day flaw under wraps — rather than using solely internal procedures to determine whether to tell a vendor about a vulnerability.

Cisco’s suggestions included:

Governments should have policies requiring that product security vulnerabilities that are detected be reported promptly to manufacturers for remediation, unless a court finds a compelling reason for a temporary delay. By the same token, governments should not block third parties from reporting such vulnerabilities to manufacturers.

Governments should not interfere with the ability of companies to lawfully deliver internet infrastructure as ordered by their customers

Clear standards should be set to protect information outside the United States which belongs to third parties, but are in the custody of subsidiaries of US companies, so that customers world-wide can know the rules that will apply and work with confidence with US suppliers.

Latest Videos

​Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.​

No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?

Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.